On Mon, May 05, 2008 at 11:27:59AM -0500, Charles Duffy wrote: > Per subject. I don't understand what the client is waiting for -- > according to 'ls' with debug set, every packet sent has received a > response. Could the unhandled 'env' requests be related?
I suspect the server sends truncated replies. Please try this patch (against 3.7.2 version). -- Alexander.
Index: SFtp.cc =================================================================== RCS file: /home/lav/cvsroot/lftp/src/SFtp.cc,v retrieving revision 1.78 diff -u -p -r1.78 SFtp.cc --- SFtp.cc 8 Apr 2008 19:35:11 -0000 1.78 +++ SFtp.cc 7 May 2008 07:41:53 -0000 @@ -388,7 +388,12 @@ void SFtp::Packet::PackString(Buffer *b, SFtp::unpack_status_t SFtp::Packet::UnpackString(const Buffer *b,int *offset,int limit,xstring *str_out) { if(limit-*offset<4) - return b->Eof()?UNPACK_PREMATURE_EOF:UNPACK_NO_DATA_YET; + { + // We unpack strings when we have already received complete packet, + // so it is not possible to receive any more data. + LogError(2,"bad string in reply (truncated length field)"); + return UNPACK_WRONG_FORMAT; + } int len=b->UnpackUINT32BE(*offset); if(len>limit-*offset-4) @@ -441,8 +446,8 @@ SFtp::unpack_status_t SFtp::Packet::Unpa SFtp::unpack_status_t SFtp::UnpackPacket(Buffer *b,SFtp::Packet **p) { - *p=0; Packet *&pp=*p; + pp=0; Packet probe; unpack_status_t res=probe.Unpack(b); @@ -517,8 +522,8 @@ SFtp::unpack_status_t SFtp::UnpackPacket ; } probe.DropData(b); - delete *p; - *p=0; + delete pp; + pp=0; } return res; } @@ -1851,9 +1856,19 @@ SFtp::unpack_status_t SFtp::Reply_STATUS UNPACK32(code); if(protocol_version>=3) { + if(unpacked>=limit) + { + LogError(2,"Status reply lacks `error message' field"); + return UNPACK_SUCCESS; + } res=Packet::UnpackString(b,offset,limit,&message); if(res!=UNPACK_SUCCESS) return res; + if(unpacked>=limit) + { + LogError(2,"Status reply lacks `language tag' field"); + return UNPACK_SUCCESS; + } res=Packet::UnpackString(b,offset,limit,&language); if(res!=UNPACK_SUCCESS) return res;